Win.Trojan.Laroux-42 — Office (OLE) malware analysis

Static analysis result for SHA-256 6cb74aac50810e10…

MALICIOUS

Office (OLE)

Size: 97.5 KB
Created: 1997-06-11 07:30:35
Authoring application: Microsoft Excel
First seen: 2012-06-14
MD5: 1564355d6f8aa06290db10c8c85eb7b1
SHA-1: 0e8f1fe68cbeaafd560cfc64c9f5e46811556250
SHA-256: 6cb74aac50810e104fa2b8479655fbf76096d6b4684a51eac072497cfd00f67b
Risk Score: 60

Malware Insights

Win.Trojan.Laroux-42 · confidence 90%

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is identified as malicious by ClamAV with the signature Win.Trojan.Laroux-42. The document body contains what appears to be a status report template, which is a common lure for phishing attacks. While no specific scripts were extracted, the nature of the Laroux family suggests it likely acts as a downloader for further malicious payloads.

Heuristics (1)

  • ClamAV: Win.Trojan.Laroux-42 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Laroux-42